ITNotes

From Terminal to Cloud

Web Security
Posted in Security

Threat Modeling with STRIDE: Analyze Security Risks Before Writing a Single Line of Code

May 29, 2026
STRIDE threat modeling helps you identify security risks in web apps and APIs before writing code — catching authentication flaws, privilege escalation, and data leaks at the design stage. This guide walks through practical tools like OWASP Threat Dragon and pytm, with real examples for REST API architectures.
Posted in Security

Manual Web Forensics: Hunting SQLi and Web Shells via CLI Logs

May 17, 2026
Master manual web forensics using Linux CLI tools like grep and awk to detect SQL injection and hidden web shells in your server logs during an incident.
Posted in Security

OAuth 2.0 and OpenID Connect Security: Common Vulnerabilities and How to Implement Them Correctly

April 28, 2026
OAuth 2.0 and OpenID Connect are the backbone of modern authentication, but misconfiguration is common and costly. This guide covers the most frequent vulnerabilities — missing state parameters, open redirects, improper token validation — and shows you how to implement each step correctly with practical Python examples.
Posted in Security

Installing & Configuring ModSecurity WAF for Apache/Nginx Web App Protection

March 29, 2026
Learn how to install and configure ModSecurity WAF for both Apache and Nginx web servers. This guide covers core concepts, detailed setup instructions, and essential best practices to protect your web applications from common cyber threats like SQL injection and XSS.
Posted in Security

How to Protect Web Apps from XSS and CSRF Vulnerabilities: A Production Retrospective

March 23, 2026
After six months hardening a production web app against XSS and CSRF attacks, this guide covers what actually works: output encoding, nonce-based CSP, CSRF tokens, SameSite cookies, and security headers — with practical Python and Nginx code examples.
Posted in Security

SSL/TLS Certificate Setup with Let’s Encrypt: A Production Guide

March 13, 2026
Web security is critical. This guide offers clear, practical steps to implement SSL/TLS certificates with Let's Encrypt, ensuring your web applications are secure and trusted. Learn about installation, configuration, and automatic renewal.
Posted in Security

OWASP Top 10: Understanding and Preventing Common Web Vulnerabilities

March 10, 2026
Dive into the OWASP Top 10, your crucial guide to understanding and preventing common web vulnerabilities. This article offers a beginner-friendly breakdown of critical security risks like Injection and Broken Access Control, complete with practical examples to help junior developers build secure applications.
Copyright 2026 — ITNotes. All rights reserved.